AD Import Rule for Role and Account is failing with: No security groups defined and 'ImportAllGroups' is not set.

Article Id:173150

Status:Published

Updated On:04-12-2018 14:47

Legacy Id:TECH252445

Products:

Management Platform (Formerly known as Notification Server)

Issue/Introduction:

The customer is trying to bring Roles and Accounts to his SMP. He created an Import Role and Account resources Rule that points to one of this OUs in AD. However, when he runs the rule, he gets this error:

The message refers that for the Import Role and Account resources AD Rule, it requires that a security Group is selected.

In this example, we have setup a new OU (organizational unit) called "Contractors". As well a sub-OU called "Sales". In the sub-OU "Sales" a new user was created called "Lab Tester".

When we selected the OU for this Import Role and Account resources AD Rule, we selected the "Sales" sub-OU.

However, this OU doesn't contain a security group that has this user as a member. The Import Rule requires a Security Group as part of the OU that is been imported to work properly.

Environment:

ITMS 7.6 and later

Resolution:

Create a Security Group in the desired OU and make sure these users are part of it.

OR use the "Users" OU for this import Role and Account resources AD Import Rule, which should bring any user for all the security groups already present (in this example this user called " Lab Tester" also belongs to the "Domain Users" security group as shown in the previous screenshot)